$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145163.roa File: AS145163.roa (raw, json) Hash identifier: RGSsEngukQt/D3QQVszEMFKmQcA9MdDhenjKQSQqm2s= Subject key identifier: 96:8D:1F:A5:CF:57:DA:FA:D9:3F:4C:70:7D:28:9B:37:42:6A:47:97 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4F2AA5405256583385A8424ABD038B5912F733EF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145163.roa Signing time: Wed 04 Mar 2026 06:21:37 +0000 ROA not before: Wed 04 Mar 2026 06:16:37 +0000 ROA not after: Wed 03 Mar 2027 06:21:37 +0000 asID: 145163 IP address blocks: 240a:a9d1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:2a:a5:40:52:56:58:33:85:a8:42:4a:bd:03:8b:59:12:f7:33:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:37 2026 GMT Not After : Mar 3 06:21:37 2027 GMT Subject: CN=968D1FA5CF57DAFAD93F4C707D289B37426A4797 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:54:58:02:d3:e5:d9:76:92:72:71:d5:57:f7: db:65:55:30:20:f4:ee:3b:c1:d5:49:e2:00:28:24: ea:bf:18:d5:9e:10:fa:af:c1:a5:d6:c4:67:7c:a7: da:f9:ab:50:ea:5f:ca:d6:cb:fc:b2:d3:d3:5c:ff: 3f:50:92:2c:26:e1:b8:41:ad:35:82:09:8f:95:98: 7a:d5:bd:f4:0f:2f:88:23:b0:ec:fe:e8:c9:ff:52: ee:5e:90:cf:00:40:92:3a:95:95:c6:5a:29:6a:e3: bc:cd:61:7a:41:b8:e8:27:19:5a:ad:16:33:0a:1c: 2a:e0:9e:ee:4c:a4:3d:15:ba:85:c2:d7:ce:06:03: be:c6:06:33:8e:fe:46:d8:23:d0:0d:c3:09:f4:a1: a6:c2:ed:c6:7a:7d:30:cb:3c:8e:2e:14:e4:00:e0: 9e:20:ba:2e:85:d4:b7:7e:9a:f5:9a:33:70:5a:40: e0:cb:15:cd:d2:1b:37:4f:0b:a4:42:60:bb:8f:4f: 11:70:62:71:6b:e7:b9:6a:ac:8f:54:1f:3f:66:a2: 64:58:8f:0c:da:98:60:89:24:a6:75:54:52:df:73: c8:9b:61:ef:37:e4:9c:0a:10:d1:fc:d4:a3:9c:95: b4:2f:a4:3f:3e:20:0c:c0:76:54:63:5b:d2:88:fd: 21:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:8D:1F:A5:CF:57:DA:FA:D9:3F:4C:70:7D:28:9B:37:42:6A:47:97 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145163.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9d1::/32 Signature Algorithm: sha256WithRSAEncryption da:4a:5a:d3:22:0c:2f:b2:4a:79:b0:84:97:a4:15:a6:c3:dd: 82:e2:75:06:41:63:77:2c:52:9a:2b:0e:72:36:b4:91:03:9b: 2c:48:db:a4:dd:4b:b0:81:5f:ff:04:3a:1c:e5:32:94:b3:47: eb:dd:30:b5:34:b7:18:0f:8b:b5:65:b7:8d:df:c6:39:6c:48: 1a:1d:af:ad:f4:fc:09:11:7e:d2:59:f7:f9:5a:c5:e1:4f:ff: 80:37:f1:fe:9e:ca:e3:9f:6a:93:e6:49:5c:de:ca:a3:aa:bb: 21:61:3a:ee:7d:4f:99:ae:89:21:cc:2d:a5:4c:00:29:d1:fc: 16:53:48:b3:7b:58:49:00:2f:53:a3:a3:19:36:8b:b8:1f:4c: 47:ed:73:85:4e:a2:a4:a6:99:9b:f5:a4:e9:2d:60:d6:1f:70: 42:81:4f:7e:ef:ce:0b:c4:70:d7:e5:be:c6:76:3a:f5:c0:3a: 05:5e:54:c8:3b:b4:9c:88:29:04:57:c8:94:20:75:71:8a:8b: 95:99:cc:cd:76:89:06:de:e6:73:82:d2:ae:45:9c:54:06:65: 1a:db:81:da:25:dc:ee:a3:e1:b2:3a:97:27:39:d0:ac:3f:54: 4a:dc:4b:ca:f6:dc:e1:bd:29:f7:c2:db:bb:6c:26:31:40:d7: 5a:0f:a8:4a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTyqlQFJWWDOFqEJKvQOLWRL3M+8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYzN1oX DTI3MDMwMzA2MjEzN1owMzExMC8GA1UEAxMoOTY4RDFGQTVDRjU3REFGQUQ5M0Y0 QzcwN0QyODlCMzc0MjZBNDc5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMNUWALT5dl2knJx1Vf322VVMCD07jvB1UniACgk6r8Y1Z4Q+q/BpdbEZ3yn 2vmrUOpfytbL/LLT01z/P1CSLCbhuEGtNYIJj5WYetW99A8viCOw7P7oyf9S7l6Q zwBAkjqVlcZaKWrjvM1hekG46CcZWq0WMwocKuCe7kykPRW6hcLXzgYDvsYGM47+ Rtgj0A3DCfShpsLtxnp9MMs8ji4U5ADgniC6LoXUt36a9ZozcFpA4MsVzdIbN08L pEJgu49PEXBicWvnuWqsj1QfP2aiZFiPDNqYYIkkpnVUUt9zyJth7zfknAoQ0fzU o5yVtC+kPz4gDMB2VGNb0oj9IfsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSWjR+l z1fa+tk/THB9KJs3QmpHlzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTE2My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qdEwDQYJKoZIhvcNAQELBQADggEBANpKWtMiDC+ySnmwhJekFabD3YLidQZBY3cs UporDnI2tJEDmyxI26TdS7CBX/8EOhzlMpSzR+vdMLU0txgPi7Vlt43fxjlsSBod r630/AkRftJZ9/laxeFP/4A38f6eyuOfapPmSVzeyqOquyFhOu59T5muiSHMLaVM ACnR/BZTSLN7WEkAL1Ojoxk2i7gfTEftc4VOoqSmmZv1pOktYNYfcEKBT37vzgvE cNflvsZ2OvXAOgVeVMg7tJyIKQRXyJQgdXGKi5WZzM12iQbe5nOC0q5FnFQGZRrb gdol3O6j4bI6lyc50Kw/VErcS8r23OG9KffC27tsJjFA11oPqEo= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:01 2026 by rpki-client